package com.zzyq.pc.web.user.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.zzyq.pc.common.StandardDataFormat;
import com.zzyq.pc.common.base.BaseController;
import com.zzyq.pc.common.plugin.shiro.TokenManager;
import com.zzyq.pc.common.plugin.shiro.ZzyqToken;
import com.zzyq.pc.utils.HttpUtils;
import com.zzyq.pc.web.user.model.User;

/**
 * 
 * <p>
 * 
 * @Title: LoginController.java
 * @Description: 用户登录登出
 * @author: Sywd丶吴迪
 * @date: 2017年9月11日 上午9:56:04
 * @version V1.0
 *          <p>
 */
@Controller
@RequestMapping(value = "/login/", produces = "application/json;charset=UTF-8")
public class LoginController extends BaseController {
    /**
     * 用户登录的接口
     * 
     * @param account
     *            账号(帐号/手机号)
     * @param password
     *            密码
     */
    @ResponseBody
    // @RequestMapping(value = "login", method = RequestMethod.POST)
    @RequestMapping(value = "login")
    public String login(HttpServletRequest httpRequest, HttpServletResponse response, String account, String password) {
        User user = new User();
        StandardDataFormat format = new StandardDataFormat(CODE_ERROR, MSG_ERROR, user);
        ZzyqToken token = new ZzyqToken(account, password);
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(token);
        } catch (Exception e) {
            return HttpUtils.formatData(format, CODE_ERROR, "用户名或密码错误,请检查后重新登录", user);
        }
        if (subject.isAuthenticated()) {
            user = TokenManager.getUser();
            return HttpUtils.formatData(format, CODE_OK, "登录成功", user);
        } else {
            return HttpUtils.formatData(format, CODE_ERROR, "用户名或密码错误,请检查后重新登录", user);
        }
    }

    /**
     * 登出
     */
    @ResponseBody
    @RequestMapping("logout")
    public String logout(HttpServletRequest httpRequest, HttpServletResponse response) {
        StandardDataFormat format = new StandardDataFormat(CODE_ERROR, MSG_ERROR, null);
        try {
            TokenManager.logout();
            return HttpUtils.formatData(format, CODE_OK, MSG_OK, null);
        } catch (Exception e) {
            return HttpUtils.formatData(format, CODE_ERROR, MSG_ERROR, null);
        }
    }

    /**
     * 查询用户是否已经登录(即查询前端获取的session是否有效)
     */
    @ResponseBody
    @RequestMapping(value = "logined")
    public String isLogined(HttpServletRequest httpRequest, HttpServletResponse response,
            @RequestAttribute(required = false) String sessionId) {
        StandardDataFormat format = new StandardDataFormat(CODE_ERROR, MSG_ERROR, null);
        Subject subject = SecurityUtils.getSubject();
        // 如果没有登录，直接进行之后的流程
        if (subject.isAuthenticated()) {
            return HttpUtils.formatData(format, CODE_OK, MSG_OK, null);
        }
        return HttpUtils.formatData(format, CODE_LOGINED, MSG_LOGINED, null);
    }
}
